Advertising

The 2018 debian-ports archive signing key will expire in about one
month. The 2018 one has been created, uploaded to the keyservers, and a
new version of the debian-ports-archive-keyring package has also been
uploaded. This key will be used in the next few days to sign the archive
in addition to the 2017 one, which will be deactivated when expired.
The key is:
pub rsa4096/0x06AED62430CB581C 2017-12-30 [SC] [expires: 2019-01-31]
58E64B9BB11BC112205DBCDB06AED62430CB581C
uid [ full ] Debian Ports Archive Automatic Signing Key (2018)
<ftpmas...@ports-master.debian.org>
It can be found as well on:
<https://www.ports.debian.org/archive_2018.key>
Or attached to this mail.
Regards,
Aurelien

What a system administrator needs to do about it?

Just make sure to run `apt update` and `apt upgrade` before February to ensure
you have the updated debian-ports-archive-keyring package, which is version
2017.12.30 (you can check with `dpkg -l debian-ports-archive-keyring`).

So I just recently installed GNU/Hurd from the 2017 stretch image last
Thursday. I have the version 2016.11.28 of debian-ports-archive-keyring
. So is it too late for me to upgrade? I get the error:

The following signatures couldn't be verified because the public key
is not available: NO_PUBKEY 06AED62430CB581C

Reading package lists... Done

W: GPG error: http://ftp.ports.debian.org/debian-ports unreleased
InRelease: The following signatures couldn't be verified because the
public key is not available: NO_PUBKEY 06AED62430CB581C
E: The repository 'http://ftp.ports.debian.org/debian-ports unreleased
InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is
therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user
configuration details.